DogAteMyDSL
join:2012-07-05

FTP Port open

Hi All,

Since receiving this new 7550 modem, Gibson Research ShieldsUp is showing ports 20, 21 and 500 visible to the Internet.

I am not sure if it is the modem, but I cannot find any way to hide those ports.

Could some of you check to see what you are getting? Ports visible is not a good thing. Especially FTP as an attacker can upload or download anything.

www.grc.com
In the "Services" drop-down menu, select "ShieldsUp"
Click "Proceed" in the next window
Click "Continue" if you get the encrypted warning.
Click "Common Ports" and it should NOT show "Failed" with Port 21 "Closed" or "Open"
Click "All Service Ports" and it should not show ports 20, 21 or 500 visible.

I am wondering if these modems are set that way so that Frontier tech support can assist with problems. Well meaning, no doubt, but it is not a good thing to have those ports visible ALL of the time.

Thanks

Harry

Smith6612
MVM
join:2008-02-01
North Tonawanda, NY
·Charter
Ubee EU2251
Ubiquiti UAP-IW-HD
Ubiquiti UniFi AP-AC-HD

This is being caused by FTP, IPSEC and PPTP ALG in the gateway. Go to 192.168.254.254/ , choose Advanced, and then select ALG. Uncheck FTP ALG, PPTP ALG and IPSEC ALG. Save, go to Advanced, click on Reboot Gateway and run ShieldsUp again.

I confirmed this on my Netgear 7550.
Aranarth
join:2011-11-04
Stanwood, MI

Aranarth to DogAteMyDSL

While it is nice to know that this port can be stealthed, as long as it is returning as closed to ShieldsUp it's not a huge issue. If it was returning as open I'd be concerned.
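
The open / closed / stealth distinction raised in the posts above, as an added example that is not part of the original thread: a TCP connect check that maps each result onto ShieldsUp's three verdicts. The helper names, the 203.0.113.1 documentation address and the `fake_gateway` stand-in are constructed so the example runs offline.

```python
import socket

# Ports the first post saw flagged, per the thread (TCP probe only).
THREAD_PORTS = (20, 21, 500)

def classify_port(host, port, timeout=3.0, connect=socket.create_connection):
    """Map one TCP connect attempt to ShieldsUp's Open / Closed / Stealth terms."""
    try:
        conn = connect((host, port), timeout)
    except ConnectionRefusedError:
        return "closed"       # target answered with RST: visible, nothing listening
    except (socket.timeout, TimeoutError):
        return "stealth"      # no answer at all: the probe was silently dropped
    except OSError:
        return "unreachable"  # some other network error, e.g. network unreachable
    conn.close()
    return "open"             # handshake completed: a service accepted the connection

def audit(host, ports=THREAD_PORTS, **kw):
    """Return ({port: state}, [ports that still reveal the host])."""
    states = {p: classify_port(host, p, **kw) for p in ports}
    visible = [p for p, s in states.items() if s != "stealth"]
    return states, visible

# Constructed stand-in for a gateway with the ALGs still enabled:
# 20, 21 and 500 answer with a refusal, every other port drops the probe.
def fake_gateway(addr, timeout):
    if addr[1] in THREAD_PORTS:
        raise ConnectionRefusedError
    raise socket.timeout

if __name__ == "__main__":
    states, visible = audit("203.0.113.1", (20, 21, 500, 80), connect=fake_gateway)
    for port, state in states.items():
        print(f"port {port}: {state}")
    print("not stealthed:", visible)
```

To check a real gateway, drop the `connect=` argument and run it against your own public address from a machine outside your LAN, since the gateway can answer differently on its LAN side.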
DogAteMyDSL
join:2012-07-05

@Smith6612:
Thanks. That solved the Port issue, but GRC still shows that it is returning Pings. I have gone through the "Advanced" section and cannot find anything that might disable that too. Any thoughts?

@Aranarth:
Yup, I read that in the GRC explanation, but Port 20 and 21 are both visible and Port 20 (FTP Control) handles Open/Closed for Port 21 which is the FTP data channel. Given that both were visible, Opening the Port would be a simple thing to do. Moot now as Smith's ALG adjustment solved that.

Smith6612
MVM
join:2008-02-01
North Tonawanda, NY
·Charter
Ubee EU2251
Ubiquiti UAP-IW-HD
Ubiquiti UniFi AP-AC-HD

Pings are stopped by the modem's Firewall. You will want to enable that to tell it to not respond to ICMP traffic, but be aware, without a custom configuration it may start resulting in issues with programs the higher you set it (as it begins blocking ports and traffic types itself).
DogAteMyDSL
join:2012-07-05

Thanks, I had it set at Minimum but will elevate it to High and see what I can't do. May have to drop back to medium. When Frontier set up the modem it was set to "Off".

Thanks

Harry
Aranarth
join:2011-11-04
Stanwood, MI

Aranarth to DogAteMyDSL

I am completely hidden with it set to medium.

I have two rules added which are both types 1024 to 65535 triggered.

Everything works just fine.

I play EverQuest and a few other games which pick random ports.

Torrents can also pick random ports.

Rather than fighting with it to give me what I wanted, I went this route. Not as secure as picking every single port I want but a whole lot easier.
DogAteMyDSL
join:2012-07-05

I had to drop back to low as gmail-POP server would not respond. So, I guess I will have to live with the Ping. I monitor 8 gmail accounts for clients and they are all set as POP and I guess the GMail POP server is expecting free run at the ports.

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

said by DogAteMyDSL:

I had to drop back to low as gmail-POP server would not respond. So, I guess I will have to live with the Ping. I monitor 8 gmail accounts for clients and they are all set as POP and I guess the GMail POP server is expecting free run at the ports.

A POP server shouldn't require client-side port access. It may be that the Gmail POP server requires a response to ping. If your modem allows for granular permissions by IP address range, you could limit ICMP response to only the Gmail POP server IP addresses.